search

wallabag / docker

Official docker-composer for wallabag.
618 stars 154 forks source link

Docker Secrets not working? #250

Open STaRDoGG opened 3 years ago

STaRDoGG commented 3 years ago

For some reason, the container seems to not be reading from the secret file in my config. Here's my setup:

    wallabag:
        image: wallabag/wallabag:latest
        hostname: wallabag
        environment:
          - TZ=America/Chicago
          - MYSQL_ROOT_PASSWORD__FILE=/run/secrets/MySQL-PW
          - SYMFONY__ENV__DATABASE_DRIVER=pdo_mysql
          - SYMFONY__ENV__DATABASE_HOST=mysql
          - SYMFONY__ENV__DATABASE_PORT=3306
          - SYMFONY__ENV__DATABASE_NAME=wallabagtest
          - SYMFONY__ENV__DATABASE_USER=wallabag
          - SYMFONY__ENV__DATABASE_PASSWORD__FILE=/run/secrets/WallabagDB-PW
          - SYMFONY__ENV__DATABASE_CHARSET=utf8mb4
          - SYMFONY__ENV__TWOFACTOR_AUTH=true
          - SYMFONY__ENV__TWOFACTOR_SENDER=no-reply@test.com
          - SYMFONY__ENV__FOSUSER_REGISTRATION=false
          - SYMFONY__ENV__FOSUSER_CONFIRMATION=true
          - SYMFONY__ENV__MAILER__USER=no-reply@test.com
          - SYMFONY__ENV__MAILER_PASSWORD_FILE=Wallabag-Mailer-PW
          - SYMFONY__ENV__FROM__EMAIL=no-reply@test.com
          - SYMFONY__ENV__SECRET_FILE=/run/secrets/Wallabag-Secret
          - SYMFONY__ENV__DOMAIN_NAME=https://my.domain.rocks
          - SYMFONY__ENV__SERVER_NAME=Test
        volumes:
          - /mnt/i/Wallabag/Images:/var/www/wallabag/web/assets/images:rw
          - /etc/localtime:/etc/localtime:ro
        secrets:
          - MySQL-PW
          - WallabagDB-PW
          - Wallabag-Secret
          - Wallabag-Mailer-PW
        deploy:
            mode: replicated
            replicas: 1
            placement:
              constraints:
                - node.labels.MainDaemon == true
            resources:
              limits:
                cpus: '1.0'
                memory: 500M
            restart_policy:
              condition: any
        networks:
          - odb

secrets:
  MySQL-PW:
    external: true
  WallabagDB-PW:
    external: true
  Wallabag-Secret:
    external: true
  Wallabag-Mailer-PW:
    external: true

Upon starting the service, it shows this error:

PLAY [localhost] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var TASK [Gathering Facts] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var ok: [localhost] TASK [needed dirs] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var ok: [localhost] => (item=/var/www/wallabag/app) ok: [localhost] => (item=/var/www/wallabag/app/config) ok: [localhost] => (item=/var/www/wallabag/data) changed: [localhost] => (item=/var/www/wallabag/data/assets) ok: [localhost] => (item=/var/www/wallabag/data/db) TASK [write parameters.yml] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var changed: [localhost] TASK [stat] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var skipping: [localhost] TASK [notify install for sqlite] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var skipping: [localhost] TASK [wait for db container] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var ok: [localhost] TASK [add mariadb db] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var fatal: [localhost]: FAILED! => {"changed": false, "msg": "unable to find /root/.my.cnf. Exception message: (1045, \"Access denied for user 'root'@'10.0.4.43' (using password: NO)\")"} RUNNING HANDLER [chown dir] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var PLAY RECAP bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var localhost : ok=4 changed=2 unreachable=0 failed=1 skipped=2 rescued=0 ignored=0

Looks like it's not reading the mysql pw from the secret. I've tested the exact same secret on my actual MySQL container itself as well, and it works. I can also see the secrets do exist within the WallaBag container at /run/secrets/.

Any ideas anyone?

j0k3r commented 3 years ago

Dont you need that PR? https://github.com/wallabag/docker/pull/248

STaRDoGG commented 3 years ago

@j0k3r

Dont you need that PR? #248

Has it not been merged yet? I was going on the info given @https://hub.docker.com/r/wallabag/wallabag

image

j0k3r commented 3 years ago

Uh oh, how can this be in docker hub as we didn't merge it? 🤔

STaRDoGG commented 3 years ago

@j0k3r Any reason for it not getting merged?

j0k3r commented 3 years ago

Poke @Kdecherf

jtagcat commented 3 years ago 
      - /mnt/i/Wallabag/Images:/var/www/wallabag/web/assets/images:rw

You using NFS? NFS might disallow chowning stuff.

Upon starting the service, it shows this error:

Read the error! See https://github.com/wallabag/docker/issues/174#issuecomment-905923784

DennisGaida commented 2 years ago

Any update on this? This issue seems a bit stale and I'm wondering if a new PR would help?

cerealconyogurt commented 6 months ago

Hey, any update on this?